Two Factor Authentication with a Bookmarklet

I've been meaning to write about this all week, but kept forgetting.
Ben Adida has proposed a two-factor
authentication scheme using a bookmarklet which looks pretty
cool. Ben calls this a "bookmark," but I prefer "bookmarklet" since
it's a bookmark that contains a runnable Javascript.

The solution seems pretty cool. My biggest question centers on
usability. When you imagine this scenario with one site, it seems
simple enough, but if every place you wanted to log into on the 'Net
needed a bookmarklet, you'd have a bookmarks file full of
entries to allow you to log in. What a management headache.

Of course, if you're using OpenID and the only bookmarket you need is
one for your OpenID site, then that's not such a big deal. So,
scaling Ben's idea presupposes the existence and broad
acceptance of a wide-area identity system like OpenID.

Update: I misunderstood. It's not a bookmarket. The bookmark
doesn't contain any Javascript--rather the page you go to
contains the javascript and recognizes a shared secret that is
in the bookmark and gets put in URL as a fragment identifier (which
is never sent across the wire). Neat.